Skip to content

Instantly share code, notes, and snippets.

@grim-reapper

grim-reapper/XSS.php

Forked from cinkagan/XSS.php
Created August 12, 2021 09:45
Show Gist options
  • Save grim-reapper/8a73391af575c712ca6933d744908b22 to your computer and use it in GitHub Desktop.
Save grim-reapper/8a73391af575c712ca6933d744908b22 to your computer and use it in GitHub Desktop.
Download ZIP
Laravel Query String Xss Security Middleware
Raw
XSS.php
<?php
namespace App\Http\Middleware;
use Illuminate\Support\Facades\Redirect;
use Closure;
class XSS
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$url = str_replace($request->url(), "", $request->fullUrl());
$input = $request->all();
array_walk_recursive($input, function (&$input) {
$input = strip_tags($input);
});
if (preg_match('/[\'^£$%&*()}{@#~><>|_+¬-]/', $url))
return redirect($request->url() . "/" . preg_replace('/[\'^£$%&*()}{@#~><>|_+¬-]/',"",strip_tags($url)));
$request->merge($input);
return $next($request);
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment